Define, "hacked." I ask because there's degrees to this sort of thing.
Example 1: Hacker finds SQL injection vulnerability and uses it to change his bill after booking.
Example 2: "Hacker" changes the HTML form that submits his booking by changing a read-only value to read-write and adjusts the price to $1.
The first one is actual hacking. The second? Come on! In that case the hotel accepted the booking with the reduced price. That's not really hacking, that's just a comedy of errors in judgement on behalf of the hotel.
The second example is like changing the price tag on something in a store to $0.01 and then having the clerk look at it and say, "well, that seems low but the price that says one cent, so..." 🤷